Privacy Policy
Last updated: April 17, 2026 (version 2026.05)
1. Introduction
FainTrading, operated by Faintech Solutions SRL ("we", "our", "the Company"), is committed to protecting the privacy of our users. This policy describes how we collect, use, store, and protect your personal information in accordance with the General Data Protection Regulation (GDPR) and applicable data protection legislation.
2. Data collected
We collect the following types of information:
- Identification data: name, email address, username
- Authentication data: password (encrypted), authentication tokens
- Payment data: processed securely through Stripe (we do not store card data)
- Usage data: IP address, browser type, time spent on the platform
- Trading data: paper trading transactions, strategy preferences
3. Purpose of collection
We use your data for:
- Providing and improving our services
- Processing payments and managing subscriptions
- Account and service-related communications
- Personalizing the platform experience
- Performance analysis and improvement
- Legal compliance and fraud prevention
4. Legal basis
We process your data based on:
- Consent: for marketing and non-essential cookies
- Contract execution: for providing services
- Legitimate interest: for platform improvement and security
- Legal obligation: for regulatory compliance
5. Data sharing
We may share data with:
- Stripe: payment processing (financial data)
- tastytrade: trade execution (only with explicit consent)
- Service providers: hosting, analytics, email (only minimal necessary data)
- Authorities: when required by law
We never sell your data to third parties.
6. Your rights (GDPR)
You have the right to:
- Access (Art. 15 GDPR): request a copy of the personal data we hold about you.
- Rectification (Art. 16 GDPR): correct inaccurate or incomplete data.
- Erasure / right to be forgotten (Art. 17 GDPR): request deletion of your data, subject to our legal retention obligations.
- Restriction of processing (Art. 18 GDPR): limit how we use your data, for example while a dispute over accuracy is resolved.
- Portability (Art. 20 GDPR): receive your data in a structured, machine-readable format, or have it transmitted to another controller where technically feasible.
- Objection (Art. 21 GDPR): object to processing based on legitimate interests, including profiling and direct marketing.
- Withdraw consent (Art. 7(3) GDPR): at any time through /settings/privacy in the app or by email, without affecting the lawfulness of processing carried out before the withdrawal.
We respond to rights requests within 30 calendar days (Art. 12(3) GDPR). In complex or high-volume cases we may extend this by up to two additional months, in which case we will inform you of the extension and the reasons within the first 30 days.
To exercise your rights, contact us at: privacy@faintrading.com
7. Data security
We implement technical and organizational measures to protect data:
- Encryption in transit (HTTPS/TLS) and at rest
- Passwords stored with secure hashing algorithms (bcrypt)
- Role-based access control
- Monitoring and audit logging
- Regular backups and recovery plan
8. Data retention
We retain data as long as you have an active account, plus the period required for legal obligations (e.g., invoices - 10 years per tax legislation). After account deletion, data is anonymized or deleted within 30 days, except as required by law.
9. International transfers
Application data is hosted within the European Economic Area (EEA) on servers operated by Hetzner Online GmbH in Germany. Some of our service providers are established outside the EEA, specifically: Stripe (United States) for payment processing, and Cloudflare (United States, with a global edge network) for DNS, content delivery, and DDoS protection. Transfers to these providers are safeguarded through EU Standard Contractual Clauses (SCCs) and, where applicable, European Commission adequacy decisions. You can request a copy of the safeguards in place by contacting us.
10. Cookies
We use cookies and similar technologies. For full details, see our Cookie Policy.
11. Changes
We may periodically update this policy. We will notify you by email or through the platform in case of significant changes. Continued use of the service after changes constitutes acceptance of the new policy.
12. Contact
For privacy questions:
If you believe your rights have been violated, you have the right to file a complaint with the National Supervisory Authority for Personal Data Processing (ANSPDCP).